scream icon indicating copy to clipboard operation
scream copied to clipboard

Published 20 hours ago verified publisher icon duncanthrax

x64 driver hash different from security catalog in 3.8 release zip

Open Hamled opened this issue 2 years ago • 2 comments

I've attempted to install the 3.8 driver on a Windows 10 Pro 19042 x64 machine.

Using the provided batch script, the installation fails with "devcon-x64 failed." as the error message. This left an "Unknown device" entry in Device Manager.

When I attempted to directly specify the Inf file for that device through Device Manager's 'Update driver' option, I got the following error message: "The hash for the file is not present in the specified catalog file. The file is likely corrupt or the victim of tampering."

At first I thought perhaps this was a rather confusing error message stemming from the driver signing issue mentioned in the README. However, I've previously installed Scream drivers on this machine and I was able to verify that the drivers from version 3.7 do install properly.

So, I think perhaps the catalog file for at least the x64 driver in the packaged zip file for release 3.8, is outdated compared with the driver Inf and kernel module files that are included in the same zip file.

Hamled avatar Aug 10 '21 08:08 Hamled

Hmm it works for me. However I only have one system to test right now. Anyone else have that problem with the 3.8 ZIP package?

duncanthrax avatar Aug 11 '21 11:08 duncanthrax

Should probably provide a few more details about what I'm seeing from the catalog file.

In all of the catalog files I've checked (Scream drivers version 3.7 and 3.8 x64, plus some of the VirtIO drivers for windows that I happened to have handy) the hashes for the .sys files don't match what I get from certutil or other tools, so I assume that is due to me not understanding what portion of the .sys file is actually used for calculating the hash which gets stored in the catalog file.

However, only for the Scream 3.8 drivers (the x64 ones at least), the hash for the .inf file also does not match. This is not the case for any of the other drivers I've checked which do install properly.

So in the latest release zip file we have:

  • scream-3.8\Install\driver\x64\Scream.inf - SHA256 is 628970688AF81E8CE714D2C8A7366959322BE84C2376AC1D384B3488DCBD3B56
  • scream-3.8\Install\driver\x64\Scream.cat - SHA256 is 132525AE9E8751F2556E21C31EFCFBC01BA1CB0B6A1EF0DB17501005D278B32E
  • Inside of the above catalog file, the SHA256 thumbprint for scream.inf is 5262C6BE24D2439550150037B3F027ABAE617E010A0F542552E20FC78BFF3F9A

Hamled avatar Aug 12 '21 00:08 Hamled